Are you interested in taking on a course in
the next academic year bit are not too sure what you should do? Do you work in
IT and want to challenge yourself to learn something new?
I have had the very great pleasure this
year of being an Associate Lecturer on the UK Open University’s postgraduate
Information Security module (M811). So I’d like to do some shameless pimping of
this course because I think it is a great introduction to the subject.
The course covers information security from
a range of angles that I think are appropriate for both the security person and
non-security person. The course is broken down into a couple of blocks;
- · Block 1 – Introduction to Information Security. This gives a gentle introduction to the subject and covers information security imperatives and incentives and information asset identification (i.e. that all important identification of the information ‘crown jewels’ in an organisation and why it is so important to protect them on a prioritised and proportionate basis.
- · Block 2 – Information Security Risk assessment. This is where it really gets into the detail and covers risk assessment and threat & vulnerability impacts. It does all this while allowing you to focus both on your organisation and your home environment so is instantly relevant and provides immediate value.
- · Block 3 – Information Security Risk Management. This covers information security controls and compliance and explains how to establish an information security management system for an organisation.
What I really like about the way it is
structured is that it splits each sub-module into four areas to help optimise your
learning;
·
The Organisation Strand (where you learn
about the relevant Information security standard, ISO27001 and how to ‘do’ risk
assessment and risk management
·
The Personal Strand (where you will
learn to protect your home assets)
·
The Research strand (where you cover
exsiting academic knowledge in the area as a means of challenging assumptions)
·
The Practitioner Strand (to help you
track developments and current issues in Information Security).
The course runs from November 2016 to April
2017. It has three assignments and an end-of-course assessment at the end (i.e.
no formal exam). S
This module is one that can count towards a
range of Open University qualifications or it can simply be taken on its own. So
if you’re interested to understand what an information security function does
all day or you just want to understand the subject a bit better, I’d highly
recommend it.